Gandalf_The_Grey
Level 74
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 6,328
Cybersecurity researchers report increased activity of the Hello XD ransomware, whose operators are now deploying an upgraded sample featuring stronger encryption.
First observed in November 2021, the particular family was based on the leaked source code of Babuk and engaged in a small number of double-extortion attacks where the threat actors stole corporate data before encrypting devices.
According to a new report by Palo Alto Networks Unit 42, the malware's author has created a new encryptor that features custom packing for detection avoidance and encryption algorithm changes.
This marks a significant departure from the Babuk code and highlights the author's intention to develop a new ransomware strain with unique capabilities and features for increased attacks.